In Part 1 I began my investigation of an example infection of the infamous Stuxnet worm with the Sysinternals tools. I used Process Explorer , Autoruns and VMMap for a post-infection survey of the system. Autoruns quickly revealed the heart of Stuxnet...

This post is authored by Corom Thompson and Santosh Balasubramanian, Engineers in Information Management and Machine Learning at Microsoft. To subscribe to this blog, click here .
Updated 5/2/2015
We've had some questions so we updated this...

When Office products are downloaded from the Volume License Service Center they come down as .ISO files. .ISO is not a file format that Windows can open natively. An ISO file is an image of a CD/DVD. Typically you would be able to use a burning...

Update: We are now done - please let us know what you think in the comments section!
As many of you may be aware, the TechNet Blogs run on the Telligent Community platform.
It's a great product, but we're a little out of date in terms of...

It’s finally here! After pages and pages of comments from you requesting the ability to clean up the WinSxS directory and component store on Windows Server 2008 R2, an update is available.
http://support.microsoft.com/kb/2852386
As a refresher...

Securing company data has always been a central concern for IT, and, in a cloud-first, mobile-first world , the massive challenges that accompany the maintenance of this security have become even more acute. Reports of increasingly invasive and sophisticated...

I finally upgraded one of my laptops to Windows 8.1 and my first immediate problem was the wifi adapter was showing "limited" or "No Internet Access". I know my home wireless is functional cause it works on other devices so I go through the motions of...

Update 9/9/2014 Warren here yet again to update this blog to tell you that the GP to control the Store icon pin has shipped in the August 2014 update: http://support.microsoft.com/kb/2975719/ . If you want to control the Store icon pinned to the taskbar...

Today, Microsoft released Security Advisory 2953095 to notify customers of a vulnerability in Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010.
This blog will discuss mitigations and temporary...

Command (.cmd) and batch (.bat) files can be directly provided as input to the CreateProcess as if it is an executable. CreateProcess uses the cmd.exe automatically to run the input .cmd or .bat.
Today, with the bulletin MS14-019 we are fixing a...

We wrote several times in this blog about the importance of enabling Address Space Layout Randomization mitigation (ASLR) in modern software because it’s a very important defense mechanism that can increase the cost of writing exploits for attackers...

Today we released four security bulletins addressing 11 unique CVE’s. Two bulletins have a maximum severity rating of Critical while the other two have a maximum severity rating of Important. We hope that the table below helps you prioritize the...

** If you're looking to free up disk space and reduce the size of the WinSxS directory on Windows Server 2008 R2, make sure to check out the following blog post on this topic**
How to clean up the WinSxS Directory and Free up Disk Space on Windows...

On November 3 2009, Sysinternals retired NewSID , a utility that changes a computers machine Security Identifier (machine SID). I wrote NewSID in 1997 (its original name was NTSID) because the only tool available at the time for changing machine SIDs...

Hi! Its Linda Taylor here again from the Directory Services Escalation team in the UK. In this post, I want to tell you – We are hiring in the UK!!
Would you like to join the UK Escalation Team and work on the most technically challenging and...

UPDATE: The hotfix is now available for this issue! Get it at http://support.microsoft.com/kb/2989971
This hotfix applies to Windows Server 2012 R2 domain controllers and should prevent the specific problem discussed below from occurring.
It’s...

Hi All!
My name is Saurabh Koshta and I am with the Core Team at Microsoft. Currently I work in the client space so supporting all aspects of Windows 8 and Windows 8.1 is my primary role.
We very often get calls from customers who are evaluating...

Hi, David here. Over the past year we’ve gotten a lot of feedback from our customers about the pain of changing from older versions of Windows over to Windows 8 and Windows 8.1. While it’s a great OS with a lot of compelling features, it’s...

Hi everyone, David here. Today over at the Springboard series blog we announced some important news that applies to anyone who has been trying to roll out the Windows 8.1 update in an enterprise environment. We don’t usually do announcements about...

The following post is fromRoy Levin, distinguished engineer and managing director, Microsoft Research Silicon Valley.

On Tuesday, we dusted off the source code for early versions of MS-DOS and Word for Windows. With the help of the Computer History Museum, we are making this code available to the public for the first time.

The museum has done an excellent job of curating some of the most significant historical software programs in computing history. As part of this ongoing project, the museum will make available two of the most widely used software programs of the 1980’s, MS DOS 1.1 and 2.0 and Microsoft Word for Windows 1.1a, to help future generations of technologists better understand the roots of personal computing.

Sharing knowledge amidst social media is a passion of mine. I challenge myself to try and spark a conversation via any of the most widely used social media avenues available. So when a request for a Step-By-Step post on Active Directory migration following...

So, we’ve been quiet for a few months, which is extraordinarily embarrassing after I basically told everyone that we were going to not do that. The reality of what we do in support is that sometimes it’s “All Hands on Deck”, which...